DETAILED ACTION
Response to Arguments 

1. The Examiner acknowledges amendments to the abstract and specification
dated 06 May 2009.

2. Applicant argues claims 63-78 should be examined on the merits. 

The Examiner disagrees. Applicant responded to the restriction/election 
requirement dated 25 November 2008 to examine species I on the merits "without 
traverse" (see response filed 24 December 2008). In said response, applicant amended 
claims 63, 64 & 77 to depend upon claim 44. 

Ergo, claims 44-62 are drawn on elected species I, which are examined on the 
merits. Claims 63-78 are drawn to non-elected species and withdrawn from 
consideration. 

The requirement is still deemed proper and is therefore made FINAL. 

3. Applicant's arguments with respect to claims 44 and 46-62 have been considered 
but are moot in view of the new ground(s) of rejection. However, the Examiner will 
address issues raised by applicant. 

4. The Examiner notes that while applicant has incorporated essential subject
matter into claim 44 from claim 45, applicant has further amended claim 44 to
incorporate subject matter outside claims 44 & 45, thereby sufficiently altering the scope
of the claims & necessitating a further search of the art. Applicant amends claim 51.

5. In light of the amendments to the claims, the rejections under 35 U.S.C. 112, 
second paragraph, are withdrawn. 

The fact that the Examiner may not have specifically responded to any particular 
arguments made by Applicant and Applicant's Representative, should not be construed 
as indicating Examiner's agreement therewith. 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the
invention was made to a person having ordinary skill in the art to which said subject matter pertains.
Patentability shall not be negatived by the manner in which the invention was made. 

6. Claims 44-59 and 61 are rejected under 35 U.S.C. 103(a) as being unpatentable
over "Wireless Identity Module," 12 July 2001, Wireless Application Protocol,
WAP-260-WIM-20010712-a, hereinafter referred to as WIM, in view of Brown et al (U.S. Pat
5537474 A), hereinafter referred to as Brown.

Re claim 44: WIM teaches a tamper-resistant security device (page 94: "13.2
WIM for Networks Not Utilizing a Smartcard Based SIM: In networks that do not utilize a
smartcard based SIM, the WIM can be implemented ... in a tamper-resistant device,
other than a smartcard") comprising:
memory for storing user credentials, including at least a security key; an
Authentication and Key Agreement (AKA) module for performing an AKA process with
said security key (page 8: "The WAP Identity Module (WIM) is used in performing WTLS
and application level security functions, and especially, to store and process information
needed for user identification and authentication. The functionality presented here is
based on the requirement that sensitive data, especially keys, can be stored in the WIM,
and all operations where these keys are involved can be performed in the WIM"),
an application for cooperation with said AKA module that performs enhanced security
processing of at least one parameter associated with said AKA process (page 8: "For
optimum security, some parts of the security functionality need to be performed by a
tamper-resistant device, so that an attacker cannot retrieve sensitive data. Such data is
especially the permanent private keys used in the WTLS handshake with client
authentication, and for making application level electronic signatures (such as
confirming an application level transaction);" page 8 "The WAP Identity Module (WIM) is
used in performing WTLS and application level security functions, and especially, to
store and process information needed for user identification and authentication.").
While WIM provides for "regular mobile phones" (WIM: page 8) and internal application
interfaces (WIM, page 8: "PKI functionality (including WTLS client authentication with
private keys, and WMLScript digital signatures) can be implemented in pure software in
normal PDAs or phones, using password protection, encryption etc. However, such
implementations cannot be considered as WIM implementations, and are out of scope
of this specification. At the same time, service interfaces defined in this specification
may be useful for designing internal software interfaces for these implementations.").

However, WIM does not explicitly disclose a communications interface for 
external communication and an application interface internal to the tamper-resistant 
security device for interfacing said AKA module and said cooperating application. 

Brown teaches a communications interface for external communication (Fig 1, elt
110 & 120) and an application interface internal to the tamper-resistant security device
for interfacing said AKA module and said cooperating application (col 3, lines 48-58). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to have modified the teachings of WIM with the teachings of Brown, 
for the purpose of internalizing all cryptographic components into one device, as taught 
by Brown. It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to incorporate the unity of Mobile Equipment in Brown into the 
teachings of WIM, since it has been held that forming in one piece an article which has
formerly been formed in two pieces, in this case, mobile equipment with a SIM,
and put together involves only routine skill in the art (Howard v. Detroit Stove Works, 
150 U.S. 164 (1893)). 

Re claim 46 : The combination of WIM and Brown teaches enhanced security 
processing includes at least one of: pre-processing of at least one AKA input parameter; 
and post-processing of at least one AKA output parameter (WIM: page 26: section 
7.2.4.6; page 31: "Establishing pre-master secret").

Re claim 47: The combination of WIM and Brown teaches enhanced security
processing includes encapsulation of said at least one AKA parameter (WIM: page 21:
section 7.2.2.1; page 43: section 9.4.6).

Re claim 48 : The combination of WIM and Brown teaches cooperating 
application is receiving at least one AKA parameter from said AKA process to generate 
a further AKA parameter that has higher security than said received AKA parameter 
(WIM: page 8: "This specification does not define exact requirements for
tamper-resistance. Businesses can enforce certain requirements and policies using PKI based
mechanisms. Applications should only accept certificates signed by Certification
Authorities that are known to fulfill the requirements and policies. PKI functionality
(including WTLS client authentication with private keys, and WMLScript digital
signatures) can be implemented in pure software in normal PDAs or phones, using
password protection, encryption etc. However, such implementations cannot be
considered as WIM implementations, and are out of scope of this specification. At the
same time, service interfaces defined in this specification may be useful for designing
internal software interfaces for these implementations.").

Re claim 49 : The combination of WIM and Brown teaches enhanced security 
processing includes evaluation of a predetermined number of consecutive AKA input 
parameters for verifying that said AKA input parameters can be used securely (WIM: 
page 18: "Signature verification by WIM may be used in cases where an application
needs verification capability (e.g. certificate or end entity signature verification) but the
verification algorithm is not present in the ME, or the verification algorithm
implementation is more efficient in the WIM").

Re claim 50 : The combination of WIM and Brown teaches enhanced security 
processing further includes combination of a predetermined number of consecutive AKA 
output parameters generated in response to a number of corresponding unique AKA 
input parameters (WIM: see various APDU commands: pages 74-78). 

Re claim 51 : The combination of WIM and Brown teaches means for registration 
or detection of information representative of security conditions in relation to said 
tamper-resistant security device; and means for performing security policy processing 
based on said information (Brown: col 4, lines 32-59; col 5, line 39 - col 6, line 3).

Re claim 52 : The combination of WIM and Brown teaches the security conditions 
reflect at least one of an environment in which said security device is operated and a 
network interface over which a request for AKA processing originates (WIM: page 8:
"The Wireless Application Protocol (WAP) is a result of continuous work to define an
industry-wide specification for developing applications that operate over wireless
communication networks.").

Re claim 53 : The combination of WIM and Brown teaches security policy 
processing includes at least one of a security policy decision process and a security 
policy enforcement process (WIM: page 8: "This specification does not define exact
requirements for tamper-resistance. Businesses can enforce certain requirements and
policies using PKI based mechanisms. Applications should only accept certificates
signed by Certification Authorities that are known to fulfill the requirements and
policies.").

Re claim 54 : The combination of WIM and Brown teaches means for performing 
security policy processing comprises means for selectively disabling direct access to 
said AKA module (WIM: page 95: 'In a typical case, the PIN-G is used to protect all files
(which need to be protected) and keys except non-repudiation keys. If the PIN-G is not
disabled, the ME must send the PIN-G after the WIM application is selected, in order to
be able to use keys and perform other operations that require the PIN-G. More
precisely, the ME SHOULD do the following when the secure functions are required the
first time;').

Re claim 55 : The combination of WIM and Brown teaches tamper-resistant 
security device comprises means for detecting whether said tamper-resistant security 
device is operated in its normal environment or in an environment considered insecure 
(WIM: page 49: "For the WAP-WTLS application there are two predefined SEs with their
associated number."), and said means for performing security policy processing
comprises means for disabling direct access to said AKA module when operated in said
insecure environment (WIM: page 95: "In a typical case, the PIN-G is used to protect all
files (which need to be protected) and keys except non-repudiation keys. If the PIN-G is
not disabled, the ME must send the PIN-G after the WIM application is selected, in
order to be able to use keys and perform other operations that require the PIN-G. More
precisely, the ME SHOULD do the following when the secure functions are required the
first time.").

Re claim 56: The combination of WIM and Brown teaches said cooperating
application includes a security enhancing application, and said security device further
comprises means for transferring a request for AKA processing directly to said AKA
module if said security device is operated in an environment considered secure, and
means for transferring said request to said security enhancing application if said
security device is operated in an environment considered insecure (WIM: page 74,
section 11.3.6.4: "PERFORM SECURITY OPERATIONS").

Re claim 57 : The combination of WIM and Brown teaches cooperating 
application is performing at least part of the computations in connection with end-to-end 
key agreement between users (WIM: page 26, section 7.2.4.5: "WIM-KeyAgreement"). 

Re claim 58 : The combination of WIM and Brown teaches cooperating 
application is masking key information generated by said AKA module (WIM: page 17:
"The WIM is used to protect permanent, typically certified, private keys. The WIM stores
these keys and performs operations using these keys;" page 18: "Application level
security operations that use the WIM include signing and unwrapping a key").

Re claim 59 : The combination of WIM and Brown teaches cooperating 
application is a software application installed in an application environment of said 
tamper-resistant security device (WIM: page 63: "The WIM application may have to
reside on the card with other applications, e.g. GSM. It is selected using an Application
Identifier (AID) which is a combination of a Registered Application Provider Identifier
(RID) and a Proprietary Application Identifier Extension (PIX) [ISO7816-6].").

Re claim 61: The combination of WIM and Brown teaches cooperating
application is a privacy enhancing application, which participates in managing a user
pseudonym (WIM: page 12: "A tamper-resistant device which is used in performing
WTLS and application level security functions, and especially, to store and process
information needed for user identification and authentication.").

7. Claim 60 is rejected under 35 U.S.C. 103(a) as being unpatentable over "Wireless
Identity Module," 12 July 2001, Wireless Application Protocol,
WAP-260-WIM-20010712-a, hereinafter referred to as WIM, Brown et al (U.S. Pat 5537474 A),
hereinafter referred to as Brown, in further view of Vatanen et al (WO 00/48416),
hereinafter referred to as Vatanen.

Re claim 60 : The combination of WIM and Brown teaches all the limitations of 
claim 59 as previously discussed. 

However, Vatanen teaches said application is securely downloaded into said 
tamper-resistant security device from a trusted party (page 4, line 34 - page 5, line 3). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to have modified the teachings of WIM and Brown with the 
teachings of Vatanen, for the purpose of installing authenticate applications on a 
portable device, as is known in the art. 

8. Claim 62 is rejected under 35 U.S.C. 103(a) as being unpatentable over "Wireless
Identity Module," 12 July 2001, Wireless Application Protocol,
WAP-260-WIM-20010712-a, hereinafter referred to as WIM, Brown et al (U.S. Pat 5537474 A),
hereinafter referred to as Brown, in further view of Miyoshi (U.S. Pat Pub 2003/0074570
A1), hereinafter referred to as Miyoshi.

Re claim 62 : The combination of WIM and Brown teaches all the limitations of 
claim 61 as previously discussed. 

However, Vatanen teaches said privacy enhancing application is requesting an 
AKA response from said AKA module based on an old user pseudonym and for 
generating a new user pseudonym based on the received AKA response (Fig 5: 
elements "RETURN TEMPORARY INTERFACE ID" and "DISTRIBUTE NEW REAL 
INTERFACE ID"). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to have modified the teachings of WIM and Brown with the 
teachings of Vatanen, for the purpose of updating access information on portable 
devices, as is known in the art.

Conclusion 

Examiner's Note: Examiner has cited particular columns and line numbers in the 
references applied to the claims above for the convenience of the applicant. Although 
the specified citations are representative of the teachings of the art and are applied to 
specific limitations within the individual claim, other passages and figures may apply as 
well. It is respectfully requested from the applicant in preparing responses to fully
consider the references in entirety as potentially teaching all or part of the claimed
invention, as well as the text of the passage taught by the prior art or disclosed by the
examiner.

In the case of amending the claimed invention, Applicant is respectfully
requested to indicate the portion(s) of the specification which dictate(s) the structure
relied on for proper interpretation and also to verify and ascertain the metes and bounds 
of the claimed invention. 

Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to DARREN SCHWARTZ whose telephone number is 
(571)270-3850. The examiner can normally be reached on 7am-4pm.

If attempts to reach the examiner by telephone are unsuccessful, the examiner's
supervisor, Kim Vu can be reached on (571)272-3859. The fax phone number for the
organization where this application or proceeding is assigned is 571-273-8300.

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

/D. S./

Examiner, Art Unit 2435 
/Kimyen Vu/ 

Supervisory Patent Examiner, Art Unit 2435 



